Lucene search

K

Upoint Security Vulnerabilities

cve
cve

CVE-2006-1436

Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Website, and (5) Public Remarks fields to (a) eventpublisher_admin.htm and (b)...

5.8AI Score

0.007EPSS

2006-04-15 11:02 PM
28
cve
cve

CVE-2006-1437

UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to...

6.2AI Score

0.007EPSS

2006-04-15 11:02 PM
21
cve
cve

CVE-2006-1277

Cross-site scripting (XSS) vulnerability in signup.php in @1 File Store 2006.03.07 allows remote attackers to inject arbitrary web script or HTML via the (1) real_name, (2) email, and (3) login...

5.7AI Score

0.006EPSS

2006-03-19 11:06 AM
19
cve
cve

CVE-2006-1278

SQL injection vulnerability in @1 File Store 2006.03.07 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) functions.php and (2) user.php in the libs directory, (3) edit.php and (4) delete.php in control/files/, (5) edit.php and (6) delete.php in control/users/,.....

8.3AI Score

0.013EPSS

2006-03-19 11:06 AM
31